Apply on Employer Site

Carnegie Mellon University · 2 months ago

Incident Response Coordinator

Pittsburgh, PA

Full-time

Onsite

Senior Level, Lead/Staff

8+ years exp

Carnegie Mellon University is a prestigious institution focused on education, research, and administration. The Incident Response Coordinator is responsible for managing and coordinating the organization’s prevention and response to cybersecurity incidents, ensuring effective incident handling and enhancing cyber resilience.

EducationHigher EducationUniversities

Growth Opportunities

No H1B

U.S. Citizen Only

Responsibilities

Lead and coordinate the end-to-end incident response process from prevention, detection, and response through to post-incident review

Serve as the primary point of contact during active security incidents, ensuring timely escalation and clear communication across teams

Collaborate with SOC analysts, threat hunters, and system owners to analyze, contain, and remediate threats

Maintain and continuously improve incident response plans, playbooks, and communication protocols

Facilitate incident response exercises, simulations, and tabletop scenarios to build readiness

Coordinate with external stakeholders, including law enforcement, regulatory bodies, and third-party service providers, when required

Track incident metrics and produce executive-level reporting and after-action reviews

Contribute to threat intelligence sharing and ensure lessons learned are incorporated into security controls and training

Support policy and compliance efforts related to incident handling, data protection, and reporting obligations

Provide front-line support including SOC coverage and 24x7 on-call rotation, forensic analysis, tool evaluation, eDiscovery support, and training

Supervise incident response team staff

Other related duties as assigned

Qualification

Incident response managementCybersecurity expertiseThreat analysisForensic analysisCommunication skillsPolicy complianceTeam leadershipDocumentation skills

Required

Bachelor's Degree

8-10 years of experience with information security and incident handling in a complex, distributed computing environment

Knowledge of contemporary computing technologies

Successful background check

This position involves access to items or technical data controlled under the U.S. International Traffic in Arms Regulations (“ITAR”). Under U.S. export control laws, restrictions apply to the release or disclosure within the United States of ITAR-controlled technical data to individuals who are NOT “U.S. Persons.” U.S. Persons include U.S. citizens, U.S. nationals, persons lawfully admitted for U.S. permanent residence (“green card” holders), persons granted U.S. asylum status and persons granted U.S. refugee status

Applicants for this position must be currently legally authorized to work for CMU in the United States. CMU will not sponsor or take over sponsorship of an employment visa for this opportunity